Light Dark
August 18, 2017 By David Strom 2 min read
Risk Management

End users in the U.S. and U.K. have very different attitudes toward security. Earlier this summer, Wombat Security surveyed more than 2,000 working adults — half in the U.S. and half in the U.K. — about various cybersecurity topics and perceptions of best practices. The researchers found some interesting surprises and noted a series of different attitudes and actual security practices between citizens of the two countries.

Identifying Security Awareness Gaps

The biggest difference is that half of the Americans surveyed have been cybertheft victims, compared to 19 percent of British respondents. Statistics regarding social media breaches were similarly skewed.

Alarmingly, the report also revealed some interesting misconceptions about security basics. Roughly one-third of the Americans thought that malware was something that boosted Wi-Fi signals, for example, while only a small percentage of the British respondents thought this was true. Clearly, there is room for education here on both sides of the pond.

Another big difference: Americans have more trust in their digital lives than U.K. users, which is not necessarily a good thing. More than half of the U.S. respondents thought they could trust Wi-Fi networks in locations such as a hotels and coffee shops, but less than a third of the British respondents felt this way. Almost the same percentage of U.S. users (58 percent) thought they could trust their antivirus software to stop a potential cyberattack, while only 37 percent of U.K. users thought that was true.

Differences in Security Practices

When it comes to using appropriate password hygiene, 38 percent of Americans use password managers, compared to 10 percent of British users. Still, both groups have a big block of users who maintain just a few of the same passwords when they go online. Additionally, 8 percent of U.S. users and 14 percent of U.K. users lack a lock screen password on their mobile devices.

Virtual private network (VPN) use is more widespread in the U.S. than in the U.K. (65 percent versus 44 percent, respectively). In fact, 33 percent of British respondents reported that they didn’t know what a VPN was, compared to just 19 percent of Americans. And although 21 percent of users in the U.S. reported that they rarely or never use a VPN, that number was almost twice as high for British respondents (38 percent).

A Long Way to Go

The report made no attempt to explain why these fundamentals of network and data security diverge between the two populations. Still, both American and British users clearly have a long way to go before we can see better security practices in the general population.

 |  |  |  |  |  | 
David Strom
Security Evangelist

More from Risk Management
February 14, 2025

4 ways to bring cybersecurity into your community

4 min read - It’s easy to focus on technology when talking about cybersecurity. However, the best prevention measures rely on the education of those who use technology. Organizations training their employees is the first step. But the industry needs to expand the concept of a culture of cybersecurity and take it from where it currently stands as an organizational responsibility to a global perspective.When every person who uses technology — for work, personal use and school — views cybersecurity as their responsibility, it…

February 12, 2025

When you shouldn’t patch: Managing your risk factors

4 min read - Look at any article with advice about best practices for cybersecurity, and about third or fourth on that list, you’ll find something about applying patches and updates quickly and regularly. Patching for known vulnerabilities is about as standard as it gets for good cybersecurity hygiene, right up there with using multi-factor authentication and thinking before you click on links in emails from unknown senders.So imagine my surprise when attending Qualys QSC24 in San Diego to hear a number of conference…

February 3, 2025

CISOs drive the intersection between cyber maturity and business continuity

4 min read - The modern corporate landscape is marked by rapid digital change, heightened cybersecurity threats and an evolving regulatory environment. At the nexus of these pressures sits the chief information security officer (CISO), a role that has gained newfound influence and responsibility.The recent Deloitte Global Future of Cyber Survey underscores this shift, revealing that “being more cyber mature does not make organizations immune to threats; it makes them more resilient when they occur, enabling critical business continuity.” High-cyber-maturity organizations increasingly integrate cybersecurity…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature